New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
How do you deal with FraudRecord listings?
How do you calculate FraudRecord review requirements?
Is anyone out there using the name field in their to review (or reject) order calculation?
If so is anyone willing to comment on how they handle user identification (i.e common names)?
We have been using email addresses for a while, and throwing alerts for review on any order with at-least 2 or more reports. Totally ignoring the name field.
I just finished the paypal submission for someone who would have been rejected if we also integrated the name field (1x email report, 3x name report - including the email report) so curious if anyone here would have caught that.
Comments
Can't you review name matches IF there's at least one mail match?
FraudRecord data is stored and processed outside of EU. We used to use it, not anymore (due to GDPR) as other options of fraud screening is available.
FraudRecord used to be storing the customer name + email + ip address and based on match be able to see any past order and usage history of the customer.
Fraudrecord store only hashes of name, email etc. They do not store plain text data. So no gdpr bs apply here.
We are actually working on a similar project (GDPR compliant and free) and are still discussing about how to determine risk on fields like names or addresses.
Then again there might be inaccurate and outdated reports under listings. A lot of factors to think about.
I think rejection by name is not viable and should be reconsidered with other criteria.
That was the advice we received too.
Is there any way to query FraudRecords DB and pull a report for myself?
We usually review manually.
Yeah it should be possible. You can view on their site as well
https://www.fraudrecord.com/api/?showreport=baf224d0cb1f8d4e
I'm wouldn't be so sure about this, we have been working with lawyers recently regarding data storage/processing and the GDPR is still strict, if you want to do it right. An IP address can be traced back to a user, but a hash of an IP can also be traced back to a user.
If hash is encrypted with one way encryption, than what?
Encryption is two-way, hashing is not. Yet in both cases it can be traced/linked back to a user.
127.0.0.1 = Walter White
4b84b15bff6ee5796152495a230e45e3d7e947d9 = Walter White